Hello there, I noticed a "small" problem when trying to export users DB with FWM.
When a user has a large number of "from" or "to" networks, the "fwm dbexport" can choke out with "Segmentation Fault : Core dumped". It was successfully recreated by adding lots of networks to a user's definition. This seems to be an occurence of "Buffer Overflow". Which means a hacker could specially craft a userdef file and then executing the "fwm dbexport" may lead to arbitrary execution of code. However, this has a very limited impact, has (normally) only root has access to either userdef or the correct execution of fwm. Jean-Francois Gobin ---------- Jean-Francois Gobin - Administrateur gobinjf.be http://www.gobinjf.be mailto:[EMAIL PROTECTED] ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =================================================
